At the last PyCon, Brett Cannon told me that he had already implemented the security architecture (or security template) for Python within Firefox. However, he did not go forward with the project because he would not be able to get a PhD from doing it. :-)
Dennis Lee Bieber wrote: > On Tue, 13 Nov 2007 09:51:49 -0000, bramble <[EMAIL PROTECTED]> > declaimed the following in comp.lang.python: > > > >> Why can't it be safely sandboxed? >> >> That is, why not just have a Python interpreter and some safe subset >> of the Python standard library run with the browser? I mean, aside >> > > It's not just the library (at a start you'd need to strip out > modules os, popen, and subprocess), but you'd also need to block out > exec, eval() (and by extension, input() ) from the interpreter core. > Might need to do nasty things to the low-level import mechanism so that > villains can't rig a web site to contain an import module with ability > to access the local file system. > -- Shane Geiger IT Director National Council on Economic Education [EMAIL PROTECTED] | 402-438-8958 | http://www.ncee.net Leading the Campaign for Economic and Financial Literacy
begin:vcard fn:Shane Geiger n:Geiger;Shane org:National Council on Economic Education (NCEE) adr:Suite 215;;201 N. 8th Street;Lincoln;NE;68508;United States email;internet:[EMAIL PROTECTED] title:IT Director tel;work:402-438-8958 url:http://www.ncee.net version:2.1 end:vcard
-- http://mail.python.org/mailman/listinfo/python-list
